aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2022-02-26 11:26:36 +0100
committerChristian Grothoff <christian@grothoff.org>2022-02-26 11:26:41 +0100
commit7164ab94bd02201f492f6b47698a1e9d14944eb6 (patch)
treeb9f8b5f2a4fdbf732d6d71708713da0ef9b60451
parent7dbabde5ecd77ab73a2d630db9f1df418ac987b8 (diff)
downloadgnunet-7164ab94bd02201f492f6b47698a1e9d14944eb6.tar.gz
gnunet-7164ab94bd02201f492f6b47698a1e9d14944eb6.zip
-remove query hash from what is being signed over
m---------contrib/gana0
-rw-r--r--src/dht/dht_api.c101
-rw-r--r--src/dht/gnunet-service-dht_clients.c10
-rw-r--r--src/dht/gnunet-service-dht_neighbours.c212
-rw-r--r--src/dht/test_dht_topo.c3
-rw-r--r--src/include/gnunet_dht_service.h47
6 files changed, 130 insertions, 243 deletions
diff --git a/contrib/gana b/contrib/gana
Subproject 887d4485ea88e42e0b339b7a992420bc1e4e1e7 Subproject 6b889c206c1948cf7180e9d5478fd8fba65617e
diff --git a/src/dht/dht_api.c b/src/dht/dht_api.c
index a16db6d4b..474198004 100644
--- a/src/dht/dht_api.c
+++ b/src/dht/dht_api.c
@@ -1300,8 +1300,7 @@ GNUNET_DHT_pp2s (const struct GNUNET_DHT_PathElement *path,
1300 1300
1301 1301
1302unsigned int 1302unsigned int
1303GNUNET_DHT_verify_path (const struct GNUNET_HashCode *query_hash, 1303GNUNET_DHT_verify_path (const void *data,
1304 const void *data,
1305 size_t data_size, 1304 size_t data_size,
1306 struct GNUNET_TIME_Absolute exp_time, 1305 struct GNUNET_TIME_Absolute exp_time,
1307 const struct GNUNET_DHT_PathElement *put_path, 1306 const struct GNUNET_DHT_PathElement *put_path,
@@ -1310,40 +1309,29 @@ GNUNET_DHT_verify_path (const struct GNUNET_HashCode *query_hash,
1310 unsigned int get_path_len, 1309 unsigned int get_path_len,
1311 const struct GNUNET_PeerIdentity *me) 1310 const struct GNUNET_PeerIdentity *me)
1312{ 1311{
1313 struct GNUNET_DHT_PutHopSignature phs = { 1312 struct GNUNET_DHT_HopSignature hs = {
1314 .purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DHT_PUT_HOP), 1313 .purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DHT_HOP),
1315 .purpose.size = htonl (sizeof (phs)), 1314 .purpose.size = htonl (sizeof (hs)),
1316 .expiration_time = GNUNET_TIME_absolute_hton (exp_time) 1315 .expiration_time = GNUNET_TIME_absolute_hton (exp_time)
1317 }; 1316 };
1318 struct GNUNET_DHT_ResultHopSignature ghs = {
1319 .purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DHT_RESULT_HOP),
1320 .purpose.size = htonl (sizeof (ghs)),
1321 .expiration_time = GNUNET_TIME_absolute_hton (exp_time),
1322 };
1323 const struct GNUNET_PeerIdentity *pred; 1317 const struct GNUNET_PeerIdentity *pred;
1324 const struct GNUNET_PeerIdentity *succ; 1318 const struct GNUNET_PeerIdentity *succ;
1325 unsigned int i; 1319 unsigned int i;
1326 1320
1327 if (0 == get_path_len + put_path_len) 1321 if (0 == get_path_len + put_path_len)
1328 return 0; 1322 return 0;
1329 if (0 != get_path_len) 1323 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1330 { 1324 "%s is verifying signatures with GPL: %u PPL: %u!\n",
1331 GNUNET_assert (NULL != query_hash);
1332 ghs.query_hash = *query_hash;
1333 }
1334 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1335 "%s is verifying signatures for %s with GPL: %u PPL: %u!\n",
1336 GNUNET_i2s (me), 1325 GNUNET_i2s (me),
1337 NULL != query_hash ? GNUNET_h2s (query_hash) : "<null>",
1338 get_path_len, 1326 get_path_len,
1339 put_path_len); 1327 put_path_len);
1340 for (unsigned int j = 0; j<put_path_len; j++) 1328 for (unsigned int j = 0; j<put_path_len; j++)
1341 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1329 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1342 "PP%u=%s\n", 1330 "PP%u=%s\n",
1343 j, 1331 j,
1344 GNUNET_i2s (&put_path[j].pred)); 1332 GNUNET_i2s (&put_path[j].pred));
1345 for (unsigned int j = 0; j<get_path_len; j++) 1333 for (unsigned int j = 0; j<get_path_len; j++)
1346 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1334 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1347 "GP%u=%s\n", 1335 "GP%u=%s\n",
1348 j, 1336 j,
1349 GNUNET_i2s (&get_path[j].pred)); 1337 GNUNET_i2s (&get_path[j].pred));
@@ -1351,8 +1339,7 @@ GNUNET_DHT_verify_path (const struct GNUNET_HashCode *query_hash,
1351 i = put_path_len + get_path_len - 1; 1339 i = put_path_len + get_path_len - 1;
1352 GNUNET_CRYPTO_hash (data, 1340 GNUNET_CRYPTO_hash (data,
1353 data_size, 1341 data_size,
1354 &phs.h_data); 1342 &hs.h_data);
1355 ghs.h_data = phs.h_data;
1356 while (i > 0) 1343 while (i > 0)
1357 { 1344 {
1358 pred = (i - 1 >= put_path_len) 1345 pred = (i - 1 >= put_path_len)
@@ -1364,71 +1351,21 @@ GNUNET_DHT_verify_path (const struct GNUNET_HashCode *query_hash,
1364 succ = (i + 1 >= put_path_len) 1351 succ = (i + 1 >= put_path_len)
1365 ? &get_path[i + 1 - put_path_len].pred 1352 ? &get_path[i + 1 - put_path_len].pred
1366 : &put_path[i + 1].pred; 1353 : &put_path[i + 1].pred;
1367 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1354 hs.pred = *pred;
1368 "PRED: %s\n", 1355 hs.succ = *succ;
1369 GNUNET_i2s (pred)); 1356 if (GNUNET_OK !=
1370 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1357 GNUNET_CRYPTO_eddsa_verify (
1371 "SUCC: %s\n", 1358 GNUNET_SIGNATURE_PURPOSE_DHT_HOP,
1372 GNUNET_i2s (succ)); 1359 &hs,
1373 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1360 (i - 1 >= put_path_len)
1374 "SIGNER: %s\n",
1375 GNUNET_i2s ((i >= put_path_len)
1376 ? &get_path[i - put_path_len].pred
1377 : &put_path[i].pred));
1378 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1379 "SIG: %s\n",
1380 GNUNET_B2S ((i - 1 >= put_path_len)
1381 ? &get_path[i - put_path_len - 1].sig
1382 : &put_path[i - 1].sig));
1383 if ( (i + 1 >= put_path_len) &&
1384 (0 != get_path_len) )
1385 {
1386 /* NOTE: the last signature inside the 'PUT'
1387 path is from the cross-over point and already
1388 of type RESULT_HOP, but only if we have
1389 a non-empty 'GET' path! */
1390 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1391 "Key: %s offset %u\n",
1392 GNUNET_h2s (query_hash),
1393 i);
1394 ghs.pred = *pred;
1395 ghs.succ = *succ;
1396 if (GNUNET_OK !=
1397 GNUNET_CRYPTO_eddsa_verify (
1398 GNUNET_SIGNATURE_PURPOSE_DHT_RESULT_HOP,
1399 &ghs,
1400 (i - 1 >= put_path_len)
1401 ? &get_path[i - put_path_len - 1].sig 1361 ? &get_path[i - put_path_len - 1].sig
1402 : &put_path[i - 1].sig, 1362 : &put_path[i - 1].sig,
1403 (i >= put_path_len) 1363 (i >= put_path_len)
1404 ? &get_path[i - put_path_len].pred.public_key 1364 ? &get_path[i - put_path_len].pred.public_key
1405 : &put_path[i].pred.public_key)) 1365 : &put_path[i].pred.public_key))
1406 {
1407 GNUNET_break_op (0);
1408 return i;
1409 }
1410 }
1411 else
1412 { 1366 {
1413 phs.pred = *pred; 1367 GNUNET_break_op (0);
1414 phs.succ = *succ; 1368 return i;
1415 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1416 "offset %u\n",
1417 i);
1418 if (GNUNET_OK !=
1419 GNUNET_CRYPTO_eddsa_verify (
1420 GNUNET_SIGNATURE_PURPOSE_DHT_PUT_HOP,
1421 &phs,
1422 (i - 1 >= put_path_len)
1423 ? &get_path[i - put_path_len - 1].sig
1424 : &put_path[i - 1].sig,
1425 (i >= put_path_len)
1426 ? &get_path[i - put_path_len].pred.public_key
1427 : &put_path[i].pred.public_key))
1428 {
1429 GNUNET_break_op (0);
1430 return i;
1431 }
1432 } 1369 }
1433 i--; 1370 i--;
1434 } 1371 }
diff --git a/src/dht/gnunet-service-dht_clients.c b/src/dht/gnunet-service-dht_clients.c
index d6ce97666..5735b2420 100644
--- a/src/dht/gnunet-service-dht_clients.c
+++ b/src/dht/gnunet-service-dht_clients.c
@@ -36,8 +36,11 @@
36 36
37/** 37/**
38 * Enable slow sanity checks to debug issues. 38 * Enable slow sanity checks to debug issues.
39 * 0: do not check
40 * 1: check all external inputs
41 * 2: check internal computations as well
39 */ 42 */
40#define SANITY_CHECKS 1 43#define SANITY_CHECKS 2
41 44
42/** 45/**
43 * Should routing details be logged to stderr (for debugging)? 46 * Should routing details be logged to stderr (for debugging)?
@@ -1044,10 +1047,9 @@ GDS_CLIENTS_handle_reply (const struct GDS_DATACACHE_BlockData *bd,
1044 GNUNET_break (0); 1047 GNUNET_break (0);
1045 return false; 1048 return false;
1046 } 1049 }
1047#if SANITY_CHECKS 1050#if SANITY_CHECKS > 1
1048 if (0 != 1051 if (0 !=
1049 GNUNET_DHT_verify_path (query_hash, 1052 GNUNET_DHT_verify_path (bd->data,
1050 bd->data,
1051 bd->data_size, 1053 bd->data_size,
1052 bd->expiration_time, 1054 bd->expiration_time,
1053 bd->put_path, 1055 bd->put_path,
diff --git a/src/dht/gnunet-service-dht_neighbours.c b/src/dht/gnunet-service-dht_neighbours.c
index f542dd6af..db4ecb34a 100644
--- a/src/dht/gnunet-service-dht_neighbours.c
+++ b/src/dht/gnunet-service-dht_neighbours.c
@@ -40,8 +40,11 @@
40 40
41/** 41/**
42 * Enable slow sanity checks to debug issues. 42 * Enable slow sanity checks to debug issues.
43 * 0: do not check
44 * 1: check all external inputs
45 * 2: check internal computations as well
43 */ 46 */
44#define SANITY_CHECKS 1 47#define SANITY_CHECKS 2
45 48
46/** 49/**
47 * How many buckets will we allow in total. 50 * How many buckets will we allow in total.
@@ -522,15 +525,15 @@ do_send (struct PeerInfo *pi,
522 * (of purpose #GNUNET_SIGNATURE_PURPOSE_DHT_PUT_HOP) 525 * (of purpose #GNUNET_SIGNATURE_PURPOSE_DHT_PUT_HOP)
523 */ 526 */
524static void 527static void
525sign_put_path (const void *data, 528sign_path (const void *data,
526 size_t data_size, 529 size_t data_size,
527 struct GNUNET_TIME_Absolute exp_time, 530 struct GNUNET_TIME_Absolute exp_time,
528 const struct GNUNET_PeerIdentity *pred, 531 const struct GNUNET_PeerIdentity *pred,
529 const struct GNUNET_PeerIdentity *succ, 532 const struct GNUNET_PeerIdentity *succ,
530 struct GNUNET_CRYPTO_EddsaSignature *sig) 533 struct GNUNET_CRYPTO_EddsaSignature *sig)
531{ 534{
532 struct GNUNET_DHT_PutHopSignature hs = { 535 struct GNUNET_DHT_HopSignature hs = {
533 .purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DHT_PUT_HOP), 536 .purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DHT_HOP),
534 .purpose.size = htonl (sizeof (hs)), 537 .purpose.size = htonl (sizeof (hs)),
535 .expiration_time = GNUNET_TIME_absolute_hton (exp_time), 538 .expiration_time = GNUNET_TIME_absolute_hton (exp_time),
536 .pred = *pred, 539 .pred = *pred,
@@ -547,46 +550,6 @@ sign_put_path (const void *data,
547 550
548 551
549/** 552/**
550 * Sign that we are routing a message from @a pred to @a succ.
551 * (So the route is $PRED->us->$SUCC).
552 *
553 * @param query_hash query being answered
554 * @param data payload (the block)
555 * @param data_size number of bytes in @a data
556 * @param exp_time expiration time of @a data
557 * @param pred predecessor peer ID
558 * @param succ successor peer ID
559 * @param[out] sig where to write the signature
560 * (of purpose #GNUNET_SIGNATURE_PURPOSE_DHT_HOP)
561 */
562static void
563sign_result_path (const struct GNUNET_HashCode *query_hash,
564 const void *data,
565 size_t data_size,
566 struct GNUNET_TIME_Absolute exp_time,
567 const struct GNUNET_PeerIdentity *pred,
568 const struct GNUNET_PeerIdentity *succ,
569 struct GNUNET_CRYPTO_EddsaSignature *sig)
570{
571 struct GNUNET_DHT_ResultHopSignature hs = {
572 .purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DHT_RESULT_HOP),
573 .purpose.size = htonl (sizeof (hs)),
574 .expiration_time = GNUNET_TIME_absolute_hton (exp_time),
575 .query_hash = *query_hash,
576 .pred = *pred,
577 .succ = *succ
578 };
579
580 GNUNET_CRYPTO_hash (data,
581 data_size,
582 &hs.h_data);
583 GNUNET_CRYPTO_eddsa_sign (&GDS_my_private_key,
584 &hs,
585 sig);
586}
587
588
589/**
590 * Find the optimal bucket for this key. 553 * Find the optimal bucket for this key.
591 * 554 *
592 * @param hc the hashcode to compare our identity to 555 * @param hc the hashcode to compare our identity to
@@ -1335,10 +1298,9 @@ GDS_NEIGHBOURS_handle_put (const struct GDS_DATACACHE_BlockData *bd,
1335 unsigned int put_path_length = bd->put_path_length; 1298 unsigned int put_path_length = bd->put_path_length;
1336 1299
1337 GNUNET_assert (NULL != bf); 1300 GNUNET_assert (NULL != bf);
1338#if SANITY_CHECKS 1301#if SANITY_CHECKS > 1
1339 if (0 != 1302 if (0 !=
1340 GNUNET_DHT_verify_path (NULL, 1303 GNUNET_DHT_verify_path (bd->data,
1341 bd->data,
1342 bd->data_size, 1304 bd->data_size,
1343 bd->expiration_time, 1305 bd->expiration_time,
1344 bd->put_path, 1306 bd->put_path,
@@ -1431,12 +1393,12 @@ GDS_NEIGHBOURS_handle_put (const struct GDS_DATACACHE_BlockData *bd,
1431 { 1393 {
1432 /* Note that the signature in 'put_path' was not initialized before, 1394 /* Note that the signature in 'put_path' was not initialized before,
1433 so this is crucial to avoid sending garbage. */ 1395 so this is crucial to avoid sending garbage. */
1434 sign_put_path (bd->data, 1396 sign_path (bd->data,
1435 bd->data_size, 1397 bd->data_size,
1436 bd->expiration_time, 1398 bd->expiration_time,
1437 &pp[put_path_length - 1].pred, 1399 &pp[put_path_length - 1].pred,
1438 &target->id, 1400 &target->id,
1439 &pp[put_path_length - 1].sig); 1401 &pp[put_path_length - 1].sig);
1440 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1402 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1441 "Signing PUT PATH %u => %s\n", 1403 "Signing PUT PATH %u => %s\n",
1442 put_path_length, 1404 put_path_length,
@@ -1594,10 +1556,9 @@ GDS_NEIGHBOURS_handle_reply (struct PeerInfo *pi,
1594 size_t msize; 1556 size_t msize;
1595 unsigned int ppl = bd->put_path_length; 1557 unsigned int ppl = bd->put_path_length;
1596 1558
1597#if SANITY_CHECKS 1559#if SANITY_CHECKS > 1
1598 if (0 != 1560 if (0 !=
1599 GNUNET_DHT_verify_path (query_hash, 1561 GNUNET_DHT_verify_path (bd->data,
1600 bd->data,
1601 bd->data_size, 1562 bd->data_size,
1602 bd->expiration_time, 1563 bd->expiration_time,
1603 bd->put_path, 1564 bd->put_path,
@@ -1634,7 +1595,7 @@ GDS_NEIGHBOURS_handle_reply (struct PeerInfo *pi,
1634 GNUNET_break (0); 1595 GNUNET_break (0);
1635 return false; 1596 return false;
1636 } 1597 }
1637 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1598 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1638 "Forwarding reply for key %s to peer %s\n", 1599 "Forwarding reply for key %s to peer %s\n",
1639 GNUNET_h2s (query_hash), 1600 GNUNET_h2s (query_hash),
1640 GNUNET_i2s (&pi->id)); 1601 GNUNET_i2s (&pi->id));
@@ -1681,13 +1642,12 @@ GDS_NEIGHBOURS_handle_reply (struct PeerInfo *pi,
1681 { 1642 {
1682 /* Note that the last signature in 'paths' was not initialized before, 1643 /* Note that the last signature in 'paths' was not initialized before,
1683 so this is crucial to avoid sending garbage. */ 1644 so this is crucial to avoid sending garbage. */
1684 sign_result_path (query_hash, 1645 sign_path (bd->data,
1685 bd->data, 1646 bd->data_size,
1686 bd->data_size, 1647 bd->expiration_time,
1687 bd->expiration_time, 1648 &paths[ppl + get_path_length - 1].pred,
1688 &paths[ppl + get_path_length - 1].pred, 1649 &pi->id,
1689 &pi->id, 1650 &paths[ppl + get_path_length - 1].sig);
1690 &paths[ppl + get_path_length - 1].sig);
1691 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1651 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1692 "Signing GET PATH %u/%u of %s => %s\n", 1652 "Signing GET PATH %u/%u of %s => %s\n",
1693 ppl, 1653 ppl,
@@ -1699,7 +1659,7 @@ GDS_NEIGHBOURS_handle_reply (struct PeerInfo *pi,
1699 bd->data, 1659 bd->data,
1700 bd->data_size); 1660 bd->data_size);
1701 1661
1702#if SANITY_CHECKS 1662#if SANITY_CHECKS > 1
1703 { 1663 {
1704 struct GNUNET_DHT_PathElement xpaths[get_path_length + 1]; 1664 struct GNUNET_DHT_PathElement xpaths[get_path_length + 1];
1705 1665
@@ -1708,8 +1668,7 @@ GDS_NEIGHBOURS_handle_reply (struct PeerInfo *pi,
1708 get_path_length * sizeof (struct GNUNET_DHT_PathElement)); 1668 get_path_length * sizeof (struct GNUNET_DHT_PathElement));
1709 xpaths[get_path_length].pred = GDS_my_identity; 1669 xpaths[get_path_length].pred = GDS_my_identity;
1710 if (0 != 1670 if (0 !=
1711 GNUNET_DHT_verify_path (&prm->key, 1671 GNUNET_DHT_verify_path (bd->data,
1712 bd->data,
1713 bd->data_size, 1672 bd->data_size,
1714 bd->expiration_time, 1673 bd->expiration_time,
1715 paths, 1674 paths,
@@ -1743,10 +1702,24 @@ static enum GNUNET_GenericReturnValue
1743check_dht_p2p_put (void *cls, 1702check_dht_p2p_put (void *cls,
1744 const struct PeerPutMessage *put) 1703 const struct PeerPutMessage *put)
1745{ 1704{
1705 struct Target *t = cls;
1706 struct PeerInfo *peer = t->pi;
1707 enum GNUNET_DHT_RouteOption options
1708 = (enum GNUNET_DHT_RouteOption) ntohs (put->options);
1709 const struct GNUNET_DHT_PathElement *put_path
1710 = (const struct GNUNET_DHT_PathElement *) &put[1];
1746 uint16_t msize = ntohs (put->header.size); 1711 uint16_t msize = ntohs (put->header.size);
1747 uint16_t putlen = ntohs (put->put_path_length); 1712 uint16_t putlen = ntohs (put->put_path_length);
1713 struct GDS_DATACACHE_BlockData bd = {
1714 .key = put->key,
1715 .expiration_time = GNUNET_TIME_absolute_ntoh (put->expiration_time),
1716 .type = ntohl (put->type),
1717 .data_size = msize - (sizeof(*put)
1718 + putlen * sizeof(struct GNUNET_DHT_PathElement)),
1719 .data = &put_path[putlen]
1720 };
1721 struct GNUNET_DHT_PathElement pp[putlen + 1];
1748 1722
1749 (void) cls;
1750 if ( (msize < 1723 if ( (msize <
1751 sizeof(struct PeerPutMessage) 1724 sizeof(struct PeerPutMessage)
1752 + putlen * sizeof(struct GNUNET_DHT_PathElement)) || 1725 + putlen * sizeof(struct GNUNET_DHT_PathElement)) ||
@@ -1756,6 +1729,52 @@ check_dht_p2p_put (void *cls,
1756 GNUNET_break_op (0); 1729 GNUNET_break_op (0);
1757 return GNUNET_SYSERR; 1730 return GNUNET_SYSERR;
1758 } 1731 }
1732
1733 GNUNET_memcpy (pp,
1734 put_path,
1735 putlen * sizeof(struct GNUNET_DHT_PathElement));
1736 pp[putlen].pred = peer->id;
1737 /* zero-out signature, not valid until we actually do forward! */
1738 memset (&pp[putlen].sig,
1739 0,
1740 sizeof (pp[putlen].sig));
1741#if SANITY_CHECKS
1742 /* extend 'put path' by sender */
1743 if (0 != (options & GNUNET_DHT_RO_RECORD_ROUTE))
1744 {
1745 for (unsigned int i = 0; i <= putlen; i++)
1746 {
1747 for (unsigned int j = 0; j < i; j++)
1748 {
1749 GNUNET_break (0 !=
1750 GNUNET_memcmp (&pp[i].pred,
1751 &pp[j].pred));
1752 }
1753 if (i < putlen)
1754 GNUNET_break (0 !=
1755 GNUNET_memcmp (&pp[i].pred,
1756 &peer->id));
1757 }
1758 if (0 !=
1759 GNUNET_DHT_verify_path (bd.data,
1760 bd.data_size,
1761 bd.expiration_time,
1762 pp,
1763 putlen + 1,
1764 NULL, 0, /* get_path */
1765 &GDS_my_identity))
1766 {
1767 GNUNET_break_op (0);
1768 return GNUNET_SYSERR;
1769 }
1770 }
1771 else if (0 != putlen)
1772 {
1773 GNUNET_break_op (0);
1774 return GNUNET_SYSERR;
1775 }
1776#endif
1777
1759 return GNUNET_OK; 1778 return GNUNET_OK;
1760} 1779}
1761 1780
@@ -1775,19 +1794,19 @@ handle_dht_p2p_put (void *cls,
1775 uint16_t msize = ntohs (put->header.size); 1794 uint16_t msize = ntohs (put->header.size);
1776 enum GNUNET_DHT_RouteOption options 1795 enum GNUNET_DHT_RouteOption options
1777 = (enum GNUNET_DHT_RouteOption) ntohs (put->options); 1796 = (enum GNUNET_DHT_RouteOption) ntohs (put->options);
1778 struct GDS_DATACACHE_BlockData bd = {
1779 .key = put->key,
1780 .expiration_time = GNUNET_TIME_absolute_ntoh (put->expiration_time),
1781 .type = ntohl (put->type)
1782 };
1783 const struct GNUNET_DHT_PathElement *put_path 1797 const struct GNUNET_DHT_PathElement *put_path
1784 = (const struct GNUNET_DHT_PathElement *) &put[1]; 1798 = (const struct GNUNET_DHT_PathElement *) &put[1];
1785 uint16_t putlen 1799 uint16_t putlen
1786 = ntohs (put->put_path_length); 1800 = ntohs (put->put_path_length);
1801 struct GDS_DATACACHE_BlockData bd = {
1802 .key = put->key,
1803 .expiration_time = GNUNET_TIME_absolute_ntoh (put->expiration_time),
1804 .type = ntohl (put->type),
1805 .data_size = msize - (sizeof(*put)
1806 + putlen * sizeof(struct GNUNET_DHT_PathElement)),
1807 .data = &put_path[putlen]
1808 };
1787 1809
1788 bd.data_size = msize - (sizeof(*put)
1789 + putlen * sizeof(struct GNUNET_DHT_PathElement));
1790 bd.data = &put_path[putlen];
1791 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1810 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1792 "PUT for `%s' from %s with RO (%s/%s)\n", 1811 "PUT for `%s' from %s with RO (%s/%s)\n",
1793 GNUNET_h2s (&put->key), 1812 GNUNET_h2s (&put->key),
@@ -1872,34 +1891,6 @@ handle_dht_p2p_put (void *cls,
1872 memset (&pp[putlen].sig, 1891 memset (&pp[putlen].sig,
1873 0, 1892 0,
1874 sizeof (pp[putlen].sig)); 1893 sizeof (pp[putlen].sig));
1875#if SANITY_CHECKS
1876 for (unsigned int i = 0; i <= putlen; i++)
1877 {
1878 for (unsigned int j = 0; j < i; j++)
1879 {
1880 GNUNET_break (0 !=
1881 GNUNET_memcmp (&pp[i].pred,
1882 &pp[j].pred));
1883 }
1884 if (i < putlen)
1885 GNUNET_break (0 !=
1886 GNUNET_memcmp (&pp[i].pred,
1887 &peer->id));
1888 }
1889 if (0 !=
1890 GNUNET_DHT_verify_path (&bd.key,
1891 bd.data,
1892 bd.data_size,
1893 bd.expiration_time,
1894 bd.put_path,
1895 putlen,
1896 NULL, 0, /* get_path */
1897 &GDS_my_identity))
1898 {
1899 GNUNET_break_op (0);
1900 putlen = 0;
1901 }
1902#endif
1903 } 1894 }
1904 else 1895 else
1905 { 1896 {
@@ -2359,8 +2350,7 @@ check_dht_p2p_result (void *cls,
2359 0, 2350 0,
2360 sizeof (gpx[get_path_length].sig)); 2351 sizeof (gpx[get_path_length].sig));
2361 if (0 != 2352 if (0 !=
2362 GNUNET_DHT_verify_path (&prm->key, 2353 GNUNET_DHT_verify_path (&gp[get_path_length],
2363 &gp[get_path_length],
2364 msize - (sizeof(struct PeerResultMessage) 2354 msize - (sizeof(struct PeerResultMessage)
2365 + (get_path_length + put_path_length) 2355 + (get_path_length + put_path_length)
2366 * sizeof(struct GNUNET_DHT_PathElement)), 2356 * sizeof(struct GNUNET_DHT_PathElement)),
diff --git a/src/dht/test_dht_topo.c b/src/dht/test_dht_topo.c
index fa57e13b5..4830ba629 100644
--- a/src/dht/test_dht_topo.c
+++ b/src/dht/test_dht_topo.c
@@ -377,8 +377,7 @@ dht_get_handler (void *cls,
377 return; 377 return;
378 } 378 }
379 if (0 != 379 if (0 !=
380 GNUNET_DHT_verify_path (query, 380 GNUNET_DHT_verify_path (data,
381 data,
382 size, 381 size,
383 exp, 382 exp,
384 put_path, 383 put_path,
diff --git a/src/include/gnunet_dht_service.h b/src/include/gnunet_dht_service.h
index 4e14d981d..22b659d66 100644
--- a/src/include/gnunet_dht_service.h
+++ b/src/include/gnunet_dht_service.h
@@ -118,10 +118,10 @@ GNUNET_NETWORK_STRUCT_BEGIN
118/** 118/**
119 * Message signed by a peer when doing path tracking. 119 * Message signed by a peer when doing path tracking.
120 */ 120 */
121struct GNUNET_DHT_PutHopSignature 121struct GNUNET_DHT_HopSignature
122{ 122{
123 /** 123 /**
124 * Must be #GNUNET_SIGNATURE_PURPOSE_DHT_PUT_HOP. 124 * Must be #GNUNET_SIGNATURE_PURPOSE_DHT_HOP.
125 */ 125 */
126 struct GNUNET_CRYPTO_EccSignaturePurpose purpose; 126 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
127 127
@@ -149,45 +149,6 @@ struct GNUNET_DHT_PutHopSignature
149 149
150 150
151/** 151/**
152 * Message signed by a peer when doing path tracking
153 * for RESULT (GET) hops.
154 */
155struct GNUNET_DHT_ResultHopSignature
156{
157 /**
158 * Must be #GNUNET_SIGNATURE_PURPOSE_DHT_RESULT_HOP.
159 */
160 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
161
162 /**
163 * Expiration time of the block.
164 */
165 struct GNUNET_TIME_AbsoluteNBO expiration_time;
166
167 /**
168 * Query hash of the GET that is being answered.
169 */
170 struct GNUNET_HashCode query_hash;
171
172 /**
173 * Hash over the payload of the block.
174 */
175 struct GNUNET_HashCode h_data;
176
177 /**
178 * Previous hop the message was received from. All zeros
179 * if this peer was the initiator.
180 */
181 struct GNUNET_PeerIdentity pred;
182
183 /**
184 * Next hop the message was forwarded to.
185 */
186 struct GNUNET_PeerIdentity succ;
187};
188
189
190/**
191 * A (signed) path tracking a block's flow through the DHT is represented by 152 * A (signed) path tracking a block's flow through the DHT is represented by
192 * an array of path elements, each consisting of a peer on the path and a 153 * an array of path elements, each consisting of a peer on the path and a
193 * signature by which the peer affirms its routing decision. 154 * signature by which the peer affirms its routing decision.
@@ -522,7 +483,6 @@ GNUNET_DHT_pp2s (const struct GNUNET_DHT_PathElement *path,
522 * the last signature on the path is never verified as that is the slot where 483 * the last signature on the path is never verified as that is the slot where
523 * our peer (@a me) would need to sign. 484 * our peer (@a me) would need to sign.
524 * 485 *
525 * @param query_hash the query hash, not necessarily the key of the block
526 * @param data payload (the block) 486 * @param data payload (the block)
527 * @param data_size number of bytes in @a data 487 * @param data_size number of bytes in @a data
528 * @param exp_time expiration time of @a data 488 * @param exp_time expiration time of @a data
@@ -536,8 +496,7 @@ GNUNET_DHT_pp2s (const struct GNUNET_DHT_PathElement *path,
536 * @a get_path_len + @a put_path_len - 1 if no signature was valid 496 * @a get_path_len + @a put_path_len - 1 if no signature was valid
537 */ 497 */
538unsigned int 498unsigned int
539GNUNET_DHT_verify_path (const struct GNUNET_HashCode *query_hash, 499GNUNET_DHT_verify_path (const void *data,
540 const void *data,
541 size_t data_size, 500 size_t data_size,
542 struct GNUNET_TIME_Absolute exp_time, 501 struct GNUNET_TIME_Absolute exp_time,
543 const struct GNUNET_DHT_PathElement *put_path, 502 const struct GNUNET_DHT_PathElement *put_path,